b2c-webservices
Pass
Audited by Gen Agent Trust Hub on Apr 15, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a documentation and reference guide for the Salesforce B2C Commerce Service Framework. Analysis of all six files confirms that the code snippets provided follow standard platform APIs (
dw.svc.LocalServiceRegistry,dw.net.HTTPClient, etc.) and do not exhibit any malicious behavior. - [SAFE]: No prompt injection or override patterns were detected. The instructions are focused on guiding developers through service configuration and implementation.
- [SAFE]: No hardcoded credentials or sensitive data exposure findings were identified. While the documentation contains placeholders like
plaintext_passwordorAWS_SECRET_ACCESS_KEY, these are clearly labeled as examples and are accompanied by explicit warnings not to commit real passwords to version control. - [SAFE]: The skill promotes security best practices by providing detailed examples of how to implement the
filterLogMessagecallback to mask passwords, API keys, and authorization headers in communication logs. - [SAFE]: No remote code execution or suspicious external dependencies were found. All references are to standard Salesforce B2C Commerce internal APIs or generic example domains.
Audit Metadata